Karsun Solutions
Why Karsun?
Join Karsun Solutions to grow your career with the company transforming possible for the US Government.
At Karsun, collaboration drives our community. We’re committed to building an environment where team members from diverse backgrounds can innovate, learn and grow with us. Here at Karsun, the only limit to your potential is the limit of your curiosity.
Join Team Karsun, and Find Your Next!
Summary
As a Lead Security Engineer, you will contribute to improving the overall security posture of the organization by implementing, upgrading and monitoring security measures for the protection of computer networks and information. In collaboration with Security Engineering and Operations, you will develop, review, and implement security strategies and best practices.
What You'll Do
- Ensure appropriate security controls are in place that will safeguard digital files and vital electronic infrastructure. May respond to computer security breaches and viruses.
- Ensure integration of security solutions, as the security SME and liaison with the customer ISSO/ISSM
- Determine security requirements for cloud platform services and components
- Conduct system security and vulnerability analyses, and risk assessments
- Evaluate security aspects of solutions proposed by project teams and provide guidance accordingly
- Architect security solutions and manage frameworks, for AWS and on-premises infrastructure and services
- Provide guidance to product owners and DevOps teams in adoption of security best practices
- Create and maintain information security documentation including SSPs, documentation packages for environment ATOs, discussions with security teams and strategic and tactical issue resolutions
- Identify and evaluate emerging security technologies
Required Qualifications
- Requires a Bachelor’s Degree in cybersecurity, information systems, business systems, management information systems, IT Management, or other IT degree and a minimum of 10 years of relevant experience. Engineering, math, and/or science degrees are acceptable substitute degrees.
- 10+ years of related professional experience including:
- 6+ years of experience with core cybersecurity architecture
- 2+ years of experience managing FISMA compliance for large systems with active experience in working with NIST standards, DISA/STIG standards, creating and maintaining required information security documentation
- 2+ years of experience working with NIST Special publications, FIPS, FISMA guidelines, OMB Mandates and FEA Security guidelines and FedRAMP security specifications
- 1+ year of AWS based Cloud security constructs, services and tools working experience
- Experience with the NIST Risk Management Framework (RMF) requirements, processes, and procedures
- Demonstrated experience in a DevSecOps environment
- Demonstrated experience in government or industry leading enterprise-level cyber security efforts involving architecting, designing, development, and configuration of cloud and on-premise based systems and software
- Experience implementing and maintaining security controls; providing guidance, oversight, and expertise; and developing security documents to secure and support an ATO
- Demonstrated experience in supporting all system A&A activities
- Knowledge of SDLC with experience in Agile methodologies
- One or more cybersecurity certifications (examples): CAP, CISSP, GSEC, GICSP, CCSP, CISA, CISM, GSLC
- Ability to obtain and maintain a Public Trust clearance
Preferred Qualifications
- AWS Certified Associate Solutions Architect is desirable
Things to Know
Commitment to Non-Discrimination
All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, local, or international law.
Salary Range
The proposed salary range for this role is $120,000.00 to $150,000.00 USD. The salary range provided is a good faith estimate representative of all experience levels. Karsun considers several factors when extending an offer, including but not limited to, the role, function and associated responsibilities, a candidate’s work experience, location, education/training, and key skills.
Third Party Resumes
Karsun does not accept unsolicited resumes through or from search firms or staffing agencies. All unsolicited resumes will be considered the property of Karsun and Karsun will not be obligated to pay a placement fee.
Clearance Information
This position requires the eligibility to obtain a security clearance. The Defense Industrial Security Clearance Office (DISCO), an agency of the Department of Defense, handles and adjudicates the security clearance process. More information about Security Clearances can be found on the US Department of State government website: https://www.state.gov/m/ds/clearances/c10978.htm
Location
To be considered for this role, you must reside in one of the following states: CA, CO, DC, FL, GA, IL, MD, NJ, NY, NC, OH, OK, PA, SC, TX, VA, WV.